Commentaries and Analyses – Page 780

Defining Reasonable Security

Posted on August 3, 2012 by Dissent

Tracy Kitten writes: Last month, an appellate court in Boston reversed a lower court’s ruling that favored a bank in a legal dispute over a 2009 account takeover incident (see PATCO ACH Fraud Ruling Reversed.) Was that appellate ruling fair? Based on the security practices that most banking institutions used in 2009, probably not. The case…

OR: Hacking cases down, still a threat: by the numbers

Posted on August 2, 2012 by Dissent

Some interesting stats in a news report by Queenie Wong in the Statesman Journal: Cybersecurity by the Numbers Since 2009, state agencies have been required to report the number of suspicious information security incidents to the state’s Enterprise Security Office, which is part of the Department of Administrative Services. All incidents are not necessarily considered…

Data breaches up 19 percent, GAO reports

Posted on July 31, 2012 by Dissent

Federal data breaches jumped 19 percent last year, the Government Accountability Office said Tuesday. There were roughly 13,000 incidents reported by agencies in 2010 involving unauthorized disclosures of personally identifiable information — last year, that figure shot up to 15,500, Greg Wilshusen, GAO’s director of information security issues, told the Senate subcommittee on government management…

Recent Developments — Both in the Courts and in Congress — on the Scope of the Computer Fraud and Abuse Act

Posted on July 31, 2012 by Dissent

Orin Kerr writes: I’ve blogged a lot on the scope of the Computer Fraud and Abuse Act, and specifically on whether using a computer in violation of a computer use policy or Terms of Service is a federal crime. I’ve been banging the drum urging courts to adopt a narrow interpretations of the Act for a decade,…

Latest Data Breach Notification Bill Won’t Go Far

Posted on July 24, 2012 by Dissent

Eduard Goodman of Identity Theft 911 dissects the data breach notification bill introduced last month by Rep. Toomey and finds it seriously wanting: The latest bill to address the problem of data breaches is just one of an increasingly long line of proposed federal breach notice regulations with little to no chance of becoming law…

FTC Action Against Wyndham May Provide First Fully Litigated Section 5 Privacy/Security Case

Posted on July 13, 2012 by Dissent

Hogan Lovells Chronicle of Data Protection has a commentary on the FTC’s lawsuit against Wyndham (mentioned previously on this blog): On June 26, the FTC filed a complaint against Wyndham Worldwide Corporation, a global hotel and resort company, and three of its subsidiaries for violation of Section 5 of the FTC Act. If this case goes to…